Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/469974-1184-4824-9181-f4a275d6b584/1/GvnE6m7iauLGCSS7CbDnljFEmIs.roa
File: GvnE6m7iauLGCSS7CbDnljFEmIs.roa (raw, json)
Hash identifier: msu9WyTfJX3LHkVXk9JC2LR+Gh1eq1qJQbnKM9bhqYk=
Subject key identifier: 1A:F9:C4:EA:6E:E2:6A:E2:C6:09:24:BB:09:B0:E7:96:31:44:98:8B
Certificate issuer: /CN=a74de092dc2e4d72aa7e6a960d21ad4e79758b3c
Certificate serial: 0C8518BE
Authority key identifier: A7:4D:E0:92:DC:2E:4D:72:AA:7E:6A:96:0D:21:AD:4E:79:75:8B:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p03gktwuTXKqfmqWDSGtTnl1izw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/469974-1184-4824-9181-f4a275d6b584/1/GvnE6m7iauLGCSS7CbDnljFEmIs.roa
Signing time: Wed 06 Apr 2022 17:09:16 +0000
ROA not before: Wed 06 Apr 2022 17:09:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12521
IP address blocks: 91.195.72.0/23 maxlen: 24
91.195.102.0/23 maxlen: 24
212.85.32.0/20 maxlen: 24
212.85.32.0/19 maxlen: 24
212.85.48.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 210049214 (0xc8518be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74de092dc2e4d72aa7e6a960d21ad4e79758b3c
Validity
Not Before: Apr 6 17:09:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1af9c4ea6ee26ae2c60924bb09b0e7963144988b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d5:8a:71:d5:15:9e:aa:2d:40:e7:57:b7:44:
12:b7:0a:63:dd:8b:91:49:51:ae:d8:fa:8d:5c:b3:
15:37:e9:2b:6d:94:eb:81:29:4b:71:38:12:dc:f7:
69:52:83:2e:bd:36:b0:1b:48:e4:09:5a:0b:36:61:
5b:2e:66:80:b1:79:77:9e:3b:6b:8c:6a:72:59:7f:
7b:f3:41:b5:e8:b3:e4:31:2d:40:51:bb:d6:77:f0:
e2:5b:75:20:3c:20:9b:4b:4b:9d:b9:02:4b:73:39:
65:eb:44:17:fc:2e:4f:9b:55:be:bc:f9:52:6c:f7:
91:53:69:62:72:1c:56:4e:33:f3:93:c6:0b:f4:8f:
39:b4:57:37:6d:81:10:14:17:a3:48:f2:30:0b:30:
7d:16:83:a8:6a:73:f6:ab:81:2b:09:4f:6a:32:7f:
07:6e:48:3d:a6:3c:20:e0:ad:ae:e5:a3:82:09:5d:
fb:38:b4:10:19:f8:0f:5e:82:69:be:b9:a6:ef:a0:
ed:8e:25:4e:8f:1a:8f:d7:30:7b:92:99:c2:8b:6c:
60:3e:68:1b:0b:56:de:42:2a:32:de:e0:e0:58:da:
d1:42:b4:8f:d7:23:84:c5:c0:76:e2:6d:c7:38:aa:
db:90:ba:81:a9:7f:5f:47:b1:a0:0d:83:dc:ca:fa:
f2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F9:C4:EA:6E:E2:6A:E2:C6:09:24:BB:09:B0:E7:96:31:44:98:8B
X509v3 Authority Key Identifier:
keyid:A7:4D:E0:92:DC:2E:4D:72:AA:7E:6A:96:0D:21:AD:4E:79:75:8B:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p03gktwuTXKqfmqWDSGtTnl1izw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/469974-1184-4824-9181-f4a275d6b584/1/GvnE6m7iauLGCSS7CbDnljFEmIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/469974-1184-4824-9181-f4a275d6b584/1/p03gktwuTXKqfmqWDSGtTnl1izw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.72.0/23
91.195.102.0/23
212.85.32.0/19
Signature Algorithm: sha256WithRSAEncryption
a8:69:7d:50:4c:9f:a0:0a:87:56:9b:ab:91:d4:98:f2:18:99:
48:85:ba:a6:56:a6:9d:30:04:2c:ac:40:aa:fe:e9:bb:11:df:
19:a0:23:0d:2b:83:71:cd:df:83:fb:94:83:f5:75:39:26:68:
87:1f:79:63:5c:c3:a3:d1:01:94:7f:16:52:61:bb:d5:0b:57:
0e:ec:ce:43:b5:fe:8b:89:b6:73:4b:d2:18:ea:d4:08:1b:c0:
36:ee:ee:3f:12:9f:35:bc:f4:3a:39:84:77:f7:7e:68:64:fe:
f5:d9:d3:40:95:40:a0:e7:00:8d:6c:25:8c:16:0c:8c:2f:b2:
99:db:d9:e7:6a:99:c0:13:69:e2:90:38:e5:55:01:1e:05:f1:
84:2b:01:15:68:b5:79:63:11:d7:d0:53:ea:82:d5:e4:9d:29:
37:21:6c:b4:5f:2e:46:b4:48:e9:89:72:df:c4:e7:62:68:47:
36:e2:da:99:4b:fb:d4:68:15:9f:f5:46:b8:7c:af:30:d6:cf:
e6:ef:0a:14:25:d6:71:2a:1e:56:27:ad:b6:4a:87:9b:3d:f1:
86:28:66:91:68:38:c1:12:44:4b:30:9a:f1:1b:5e:09:ee:25:
cc:be:22:19:06:58:59:72:90:40:97:b5:c6:f8:1f:a1:b8:c5:
ba:62:fe:35
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDIUYvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NzRkZTA5MmRjMmU0ZDcyYWE3ZTZhOTYwZDIxYWQ0ZTc5NzU4YjNjMB4XDTIyMDQw
NjE3MDkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWFmOWM0ZWE2ZWUy
NmFlMmM2MDkyNGJiMDliMGU3OTYzMTQ0OTg4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7VinHVFZ6qLUDnV7dEErcKY92LkUlRrtj6jVyzFTfpK22U
64EpS3E4Etz3aVKDLr02sBtI5AlaCzZhWy5mgLF5d547a4xqcll/e/NBteiz5DEt
QFG71nfw4lt1IDwgm0tLnbkCS3M5ZetEF/wuT5tVvrz5Umz3kVNpYnIcVk4z85PG
C/SPObRXN22BEBQXo0jyMAswfRaDqGpz9quBKwlPajJ/B25IPaY8IOCtruWjggld
+zi0EBn4D16Cab65pu+g7Y4lTo8aj9cwe5KZwotsYD5oGwtW3kIqMt7g4Fja0UK0
j9cjhMXAduJtxziq25C6gal/X0exoA2D3Mr68gcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQa+cTqbuJq4sYJJLsJsOeWMUSYizAfBgNVHSMEGDAWgBSnTeCS3C5Ncqp+
apYNIa1OeXWLPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3AwM2drdHd1VFhLcWZtcVdEU0d0VG5sMWl6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvNDY5OTc0LTExODQtNDgyNC05MTgxLWY0YTI3NWQ2YjU4NC8x
L0d2bkU2bTdpYXVMR0NTUzdDYkRubGpGRW1Jcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
NDY5OTc0LTExODQtNDgyNC05MTgxLWY0YTI3NWQ2YjU4NC8xL3AwM2drdHd1VFhL
cWZtcVdEU0d0VG5sMWl6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVvDSAMEAVvDZgMEBdRVIDANBgkq
hkiG9w0BAQsFAAOCAQEAqGl9UEyfoAqHVpurkdSY8hiZSIW6plamnTAELKxAqv7p
uxHfGaAjDSuDcc3fg/uUg/V1OSZohx95Y1zDo9EBlH8WUmG71QtXDuzOQ7X+i4m2
c0vSGOrUCBvANu7uPxKfNbz0OjmEd/d+aGT+9dnTQJVAoOcAjWwljBYMjC+ymdvZ
52qZwBNp4pA45VUBHgXxhCsBFWi1eWMR19BT6oLV5J0pNyFstF8uRrRI6Yly38Tn
YmhHNuLamUv71GgVn/VGuHyvMNbP5u8KFCXWcSoeViettkqHmz3xhihmkWg4wRJE
SzCa8RteCe4lzL4iGQZYWXKQQJe1xvgfobjFumL+NQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:25 2023 by rpki-client on console.sobornost.net